From d528b491ced211becaf512a59ad2fdc7d7cf80d7 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Wed, 18 May 2016 15:41:11 +0200 Subject: [PATCH] API changes around key getters. yaca_key_get_bits() - return bits by size_t typed output param yaca_key_get_type() - new getter to get the type of the key Change-Id: I255f3bf3056a50602c1c2bd0a25c177ecf88ee07 --- api/yaca/key.h | 17 ++++++++++++++--- src/encrypt.c | 17 +++++++++++------ src/key.c | 25 +++++++++++++++++++++---- src/seal.c | 10 ++++++++-- 4 files changed, 54 insertions(+), 15 deletions(-) diff --git a/api/yaca/key.h b/api/yaca/key.h index d6a34d2..c58bc60 100644 --- a/api/yaca/key.h +++ b/api/yaca/key.h @@ -44,13 +44,24 @@ extern "C" { // TODO: We need a way to import keys encrypted with hw (or other) keys. New function like yaca_key_load or sth?? /** + * @brief Get key's type. + * + * @param[in] key Key which type we return. + * @param[out] key_type Key type. + * + * @return 0 on success, negative on error. + */ +int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type); + +/** * @brief Get key's length (in bits). * - * @param[in] key Key which length we return. + * @param[in] key Key which length we return. + * @param[out] key_bits Key length in bits. * - * @return negative on error or key length (in bits). + * @return 0 on success, negative on error. */ -int yaca_key_get_bits(const yaca_key_h key); +int yaca_key_get_bits(const yaca_key_h key, size_t *key_bits); /** * @brief Imports a key. diff --git a/src/encrypt.c b/src/encrypt.c index c41b77a..a4516c3 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -216,9 +216,10 @@ static int encrypt_init(yaca_ctx_h *ctx, const struct yaca_key_simple_s *liv; struct yaca_encrypt_ctx_s *nc; const EVP_CIPHER *cipher; - int key_bits; + size_t key_bits; unsigned char *iv_data = NULL; - int iv_bits; + size_t iv_bits; + size_t iv_bits_check; int ret; if (ctx == NULL || sym_key == YACA_KEY_NULL) @@ -237,10 +238,9 @@ static int encrypt_init(yaca_ctx_h *ctx, nc->ctx.get_output_length = get_encrypt_output_length; nc->op_type = op_type; - ret = yaca_key_get_bits(sym_key); - if (ret < 0) + ret = yaca_key_get_bits(sym_key, &key_bits); + if (ret != 0) goto err_free; - key_bits = ret; ret = encrypt_get_algorithm(algo, bcm, key_bits, &cipher); if (ret != 0) @@ -265,7 +265,12 @@ static int encrypt_init(yaca_ctx_h *ctx, ret = YACA_ERROR_INVALID_ARGUMENT; goto err_free; } - if (iv_bits != yaca_key_get_bits(iv)) { /* IV length doesn't match cipher */ + ret = yaca_key_get_bits(iv, &iv_bits_check); + if (ret != 0) { + ret = YACA_ERROR_INVALID_ARGUMENT; + goto err_free; + } + if (iv_bits != iv_bits_check) { /* IV length doesn't match cipher */ ret = YACA_ERROR_INVALID_ARGUMENT; goto err_free; } diff --git a/src/key.c b/src/key.c index c906d5a..2730c09 100644 --- a/src/key.c +++ b/src/key.c @@ -823,13 +823,29 @@ struct yaca_key_evp_s *key_get_evp(const yaca_key_h key) } } -API int yaca_key_get_bits(const yaca_key_h key) +API int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type) +{ + const struct yaca_key_s *lkey = (const struct yaca_key_s *)key; + + if (lkey == NULL || key_type == NULL) + return YACA_ERROR_INVALID_ARGUMENT; + + *key_type = lkey->type; + return 0; +} + +API int yaca_key_get_bits(const yaca_key_h key, size_t *key_bits) { const struct yaca_key_simple_s *simple_key = key_get_simple(key); const struct yaca_key_evp_s *evp_key = key_get_evp(key); - if (simple_key != NULL) - return simple_key->bits; + if (key_bits == NULL) + return YACA_ERROR_INVALID_ARGUMENT; + + if (simple_key != NULL) { + *key_bits = simple_key->bits; + return 0; + } if (evp_key != NULL) { int ret; @@ -842,7 +858,8 @@ API int yaca_key_get_bits(const yaca_key_h key) return ret; } - return ret; + *key_bits = ret; + return 0; } return YACA_ERROR_INVALID_ARGUMENT; diff --git a/src/seal.c b/src/seal.c index 47fe00f..bbaa2ca 100644 --- a/src/seal.c +++ b/src/seal.c @@ -222,7 +222,8 @@ static int open_init(yaca_ctx_h *ctx, const struct yaca_key_simple_s *liv; struct yaca_seal_ctx_s *nc; const EVP_CIPHER *cipher; - int iv_bits; + size_t iv_bits; + size_t iv_bits_check; int ret; if (ctx == NULL || prv_key == YACA_KEY_NULL || sym_key == YACA_KEY_NULL) @@ -271,7 +272,12 @@ static int open_init(yaca_ctx_h *ctx, } // TODO: handling of algorithms with variable IV length - if (iv_bits != yaca_key_get_bits(iv)) { /* IV length doesn't match cipher */ + ret = yaca_key_get_bits(iv, &iv_bits_check); + if (ret != 0) { + ret = YACA_ERROR_INVALID_ARGUMENT; + goto err_free; + } + if (iv_bits != iv_bits_check) { /* IV length doesn't match cipher */ ret = YACA_ERROR_INVALID_ARGUMENT; goto err_free; } -- 2.7.4